A
securityA
licenseA
qualityA Model Context Protocol server that facilitates integration with OpenCTI, allowing users to query and retrieve cyber threat intelligence data via a standardized interface.
16
TypeScript
Supports environment variables for storing API keys and secrets using .env files
Uses Jinja2 templating to format responses from various enrichment services, allowing customization of output formats
Provides enrichment for IP addresses, domains, and URLs by retrieving threat intelligence data from VirusTotal
Implements configuration via YAML files to determine which third-party enrichment services should be used for observable lookups
This server cannot be installed
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
A Model Context Protocol server that performs third-party threat intelligence enrichment for various observables (IP addresses, domains, URLs, emails) using services like VirusTotal, Shodan, and AbuseIPDB.
Related MCP Servers
- -securityFlicense-qualityA Model Context Protocol server that provides access to Shodan and VirusTotal APIs for cybersecurity analysis, enabling analysts to perform network intelligence operations including host lookups, vulnerability analysis, and threat intelligence gathering.TypeScript
- -securityAlicense-qualityA Model Context Protocol server that provides network analysis tools for security professionals, enabling AI models like Claude to perform tasks such as ASN lookups, DNS analysis, WHOIS retrieval, and IP geolocation for security investigations.Python
- AsecurityFlicenseAqualityA Model Context Protocol server that enables users to perform third-party enrichment lookups for security observables (IP addresses, domains, URLs, emails) through services like VirusTotal, Shodan, and others.1Python